The FBI is investigating a cyber breach that affected an unclassified system used to manage wiretaps and foreign intelligence surveillance warrants. The agency began reviewing activity on February 17 after noticing abnormal log entries.
KEY FACTS
- Incident: FBI investigating a network breach tied to wiretap management systems
- Investigation start: Agency began review on February 17
- Data: Affected system is unclassified and holds law enforcement sensitive returns and personally identifiable information
- Disclosure: Extent of access or data exfiltration has not been disclosed
A notification to Congress, as reported by the Associated Press, said the FBI began investigating the breach on February 17 after spotting abnormal log information related to a system on its network.
The notification describes the affected system as unclassified and containing law enforcement sensitive information, including returns from legal process such as pen register and trap and trace surveillance returns and personally identifiable information pertaining to subjects of FBI investigations.
Agency communications indicate the activity was identified and addressed and that technical capabilities were deployed as part of the response. The FBI provided no additional operational details.
China-linked Salt Typhoon has previously been reported to have compromised wiretapping systems used by law enforcement, providing context for concerns about the security of such networks.
WHY IT MATTERS
The affected system holds legally obtained surveillance returns and personal data for investigation subjects. Any compromise could expose sensitive investigative material and subject information, and the full impact will depend on whether data were accessed or removed.

